A conventional approach to authenticating a human involves receiving a current one-time passcode (OTP) from a computer operated by the human, and comparing the current OTP to an expected OTP for that human. If the current OTP matches the expected OTP, authentication of the human is considered successful. However, if the current OTP does not match the expected OTP, authentication of the human is considered unsuccessful.
Once authentication is deemed successful under the conventional approach, the human is allowed to access one or more protected resources. Such protected resources may include account access (e.g., logins, virtual private network access, etc.), access to sensitive data (e.g., files, confidential records, software, etc.), and the ability to complete transactions (e.g., online purchases, financial transactions, etc.).